[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: problems with tmpfs and relabeling
- From: Bill Nottingham <notting redhat com>
- To: Stephen Smalley <sds tycho nsa gov>
- Cc: James Morris <jmorris redhat com>, Daniel J Walsh <dwalsh redhat com>, fedora-selinux-list redhat com
- Subject: Re: problems with tmpfs and relabeling
- Date: Wed, 26 Apr 2006 11:19:26 -0400
Stephen Smalley (sds tycho nsa gov) said:
> On Fri, 2006-04-21 at 07:51 -0400, Stephen Smalley wrote:
> > On Thu, 2006-04-20 at 14:38 -0400, Bill Nottingham wrote:
> > Possibly stupid question: Will files be created dynamically in these
> > tmpfs mounts at runtime? Do you expect them to follow the traditional
> > inherit-from-parent-directory behavior you get from ext3?
>
> Sorry, not enough caffeine here. They already do follow that behavior
> (via inode_init_security hook call from tmpfs). Only problem here is
> getting the right label on the root directory inode in the first place,
> which likely just requires allowing restorecon to fix it up, as is done
> for /dev as well. This does suggest however that a rootcontext= option
> to mount would be helpful.
Sorry to be dense, but if I were to be writing down what specifically needs
done, that would be:
- rootcontext= support in mount?
- a way to get the root label inode right on tmpfs (is this a policy
or kernel change?)
Just trying to clearly articulate what I'm blocking on.
Bill
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]